security

Apple designed the iPhone as a “closed” system that won’t allow the installation of third-party applications. This restricts users to the factory-installed tools of the file system called a “sandbox” where they can add and remove music and other files through iTunes (Pandya, 2008). This restriction irritated iPhone users which prompted users to hack or “jailbreak” the iPhone. This meant that third-party applications or gadgets could be permitted by allowing read/write access to the root file system (Pandya, 2008). Once the phone has been hacked it leads to unlocking the phone which allows the phone to be used by any wireless carrier and not just AT&T. Within the first six months of its release nearly a million iPhones were jailbroken and unlocked. Once unlocked the serious issues begin to arise.

Researchers at Independent Security Evaluators examined vulnerabilities with the software and were able to perform malicious attacks. In the first attack when a malicious HTML document was visited using Safari, “the iPhone was forced to make a connection to an outbound compromised server controlled by the attackers” (Pandya, 2008). The attackers could then secretively obtain personal information including contacts, call history, text messages, voice mails, passwords, and even emails.  The dangerous part about the attack is that it was carried out with ease. The author Pandya (2008) mentions that all it takes is for a link to a compromised web site to be sent via email and the iPhone owner would be lured into it and that is all it would take to obtain the user’s personal information. In 2010 however, the Library of Congress legalized the hacking known as “jailbreaking” which allows users to legally hack into their devices and run apps not permitted by iTunes (Schwartzel, 2010).